Government Gurus Warn of Stolen SSH Rootkit Attacks
August 27th, 2008 by Justin Ryan
The United States Computer Emergency Readiness Team is warning users running Linux systems and utilizing SSH for system access that a new round of rootkit attacks is underway. According to reports, the attacks focus on using stolen SSH keys to gain system access, after which the attackers use kernel exploits to gain root access and deploy the phalanx2 rootkit. Once installed, the rootkit steals SSH keys from the system which may then be used to further the attacks.
US-CERT has provided instructions for detecting and mitigating the attacks, as well as advice for those who determine their systems have been compromised.
__________________________
Justin Ryan is the News Editor for Linux Journal.
Look for him in the #linuxjournal IRC channel.
Special Magazine Offer -- Free Gift with Subscription
Receive a free digital copy of Linux Journal's System Administration Special Edition as well as instant online access to current and past issues. CLICK HERE for offer
Linux Journal: delivering readers the advice and inspiration they need to get the most out of their Linux systems since 1994.
Delicious
Digg
StumbleUpon
Reddit
Facebook
Post to TwitterSubscribe now!
The Latest
Newsletter
Tech Tip Videos
Recently Popular
From the Magazine
December 2009, #188
If last month's Infrastrucuture issue was too "big" for you then try on this month's Embedded issue. Find out how to use Player for programming mobile robots, build a humidity controller for your root cellar, find out how to reduce the boot time of your embedded system, and if you're new to embedded systems find out the basics that go into one. You can also read about the Beagle Board, the Mesh Potato and a spate of other interestingly named items. And along with our regular columns don't miss our new monthly column: Economy Size Geek.
Post new comment